Privileged Account Management
The Vendor Access problem (and solution!)
Think about...
a particular (and very common) scenario, around vendor management.
As a business you have a Third Party Vendor requiring access to your systems to complete maintenance or project works. Furthermore, for them to complete their scope of works they need privileged access to your systems (I.e. Administrative access).
You have provided
an external (albeit contracted and trusted) third party with a privileged username and password to a
system on your network.
Ask yourself...
How certain are you that their username/ password is secure?
Is the device that they are accessing your network secure (or has it been compromised)?
What other access does that Privileged Account provide access to within your systems and network?
Is the password easy pickings for a brute force attempt?
When was the last time the password was rotated?
Is the username/ password shared among a number of vendors or people within the one company? If so, how do you hold the a particular individual accountable for their actions inside your network?
Do you know what the third party is doing while logged in?
Unfortunately privileged accounts are used in around 80% of all breaches (through their abuse or misuse).
Access to your privileged accounts needs to be controlled, monitored and revoked at any given time to reduce the susceptibility to hackers and a subsequent breach.
With a Privileged password and privileged session management solution you can:
Improve accountability and control over shared passwords by securing, controlling, alerting
and recording accessSecure and automate the process for managing privileged account passwords and SSH keys.
Control how people, services, applications and scripts access credentials.
Auto-logon users without revealing the password.
Add login approvals to increase accountability and control user sessions.
Record all user and administrator activity in a comprehensive audit trail.
Alert in real-time as passwords are released, and session activity is started.
If you are concerned that the misuse of your privileged accounts may lead to a breach, please get in touch with us for a further confidential conversation around how we can assist.